$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/23EF2DF6351F11F097C3DD64C4F9AE02.roa File: 23EF2DF6351F11F097C3DD64C4F9AE02.roa (raw, json) Hash identifier: Co/eS5HXz2FythagOpL3RQuNAzl5m9DtBfc7Vxb2/cQ= Subject key identifier: 38:01:BC:5D:78:C6:5D:3E:D9:B5:4F:C7:5B:64:34:45:C6:93:B9:2F Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Certificate serial: 4B3D Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/23EF2DF6351F11F097C3DD64C4F9AE02.roa Signing time: Tue 20 May 2025 02:07:11 +0000 ROA not before: Tue 20 May 2025 02:07:11 +0000 ROA not after: Fri 31 Oct 2025 00:00:00 +0000 asID: 149148 IP address blocks: 103.38.236.0/23 maxlen: 23 2400:c0e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 14:35:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19261 (0x4b3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A Validity Not Before: May 20 02:07:11 2025 GMT Not After : Oct 31 00:00:00 2025 GMT Subject: CN=682be3cf-d5b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d9:0d:d4:ea:3e:65:9f:df:f6:55:81:6e:1f: 8c:ff:59:6d:c0:e9:fe:fd:1e:9b:dd:40:f4:ba:49: be:71:de:5c:cc:77:3d:21:45:f5:6d:d6:58:f4:0b: d2:a4:51:b0:24:8a:0e:9e:a9:92:4a:0d:5a:0a:a7: cd:20:ff:cc:c7:86:99:50:67:cc:a1:14:35:66:f2: 40:c1:c9:ee:44:36:3a:c6:49:70:bb:7b:5a:da:26: 8e:6f:af:01:4d:0a:4c:e7:ed:5c:11:b1:5c:2e:e8: e4:e4:e3:05:d5:4a:77:5e:d4:40:3f:54:f1:ff:d2: 3a:d2:c0:60:f2:f1:60:f4:88:02:82:14:38:57:32: 0b:f2:f6:88:9c:f8:fd:84:82:4a:90:46:0d:ba:da: a0:f0:54:d4:3a:53:5e:32:f4:f0:de:10:6d:fd:f1: 7b:bc:ea:cf:fa:85:b4:4f:91:82:48:cd:2e:11:9e: fe:7c:5c:64:cb:c2:da:94:5a:00:14:d5:19:ff:c7: 48:85:61:37:b7:35:1f:ac:99:24:6e:0a:0e:50:1a: 78:c6:8f:7d:97:d4:83:4d:f7:b5:4f:95:51:68:54: e0:d1:c3:ee:b1:92:55:5f:db:aa:48:03:b5:89:f0: 3c:75:2d:83:7e:ca:2a:95:ed:9c:51:8d:56:92:24: c4:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:01:BC:5D:78:C6:5D:3E:D9:B5:4F:C7:5B:64:34:45:C6:93:B9:2F X509v3 Authority Key Identifier: keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/23EF2DF6351F11F097C3DD64C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.38.236.0/23 IPv6: 2400:c0e0::/48 Signature Algorithm: sha256WithRSAEncryption 25:e7:9e:eb:b9:c4:dd:70:11:20:8e:f9:92:31:5b:c4:cc:5b: a3:e1:72:77:aa:14:6a:94:bd:d7:c6:48:8a:d7:80:e4:6d:dd: 8b:b4:f1:09:03:38:1b:0a:36:19:2d:8d:3c:bd:0a:54:78:6e: 63:5c:94:e8:5b:1a:19:1f:85:51:b1:12:7a:dd:37:ec:12:a1: 37:ca:7d:44:41:7f:20:dc:b3:5a:7e:13:e5:d0:fe:9f:55:24: 80:e5:c6:03:51:78:26:81:ae:d7:75:5e:c8:e6:db:18:96:76: ad:d8:30:02:fe:e9:73:36:56:d1:4b:89:8c:bf:69:e1:32:0c: 67:4f:77:cf:8f:89:b9:31:b7:0e:8d:d0:76:b2:0f:17:66:a9: 31:50:fa:3f:e2:ba:25:33:45:91:9b:e2:82:b3:d3:27:db:cb: 27:d5:6d:78:7b:61:14:36:77:9e:51:5d:e1:2f:e6:d6:96:86: 07:94:71:c6:fc:e6:d2:9c:39:80:1c:c4:09:93:f2:10:46:19: f0:ee:96:7e:70:d1:bf:4c:c6:16:4d:84:fb:bf:ad:25:e8:28: d7:19:d2:07:ca:e7:72:45:18:d5:91:a3:86:91:7f:0a:74:06: 18:f1:6c:42:b7:aa:15:0f:08:ce:3b:e8:c8:d3:31:9f:b3:04: 0f:f4:50:a4 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgICSz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3 NTZBQzZGMEEwHhcNMjUwNTIwMDIwNzExWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODJiZTNjZi1kNWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtdkN1Oo+ZZ/f9lWBbh+M/1ltwOn+/R6b3UD0ukm+cd5czHc9IUX1bdZY9AvS pFGwJIoOnqmSSg1aCqfNIP/Mx4aZUGfMoRQ1ZvJAwcnuRDY6xklwu3ta2iaOb68B TQpM5+1cEbFcLujk5OMF1Up3XtRAP1Tx/9I60sBg8vFg9IgCghQ4VzIL8vaInPj9 hIJKkEYNutqg8FTUOlNeMvTw3hBt/fF7vOrP+oW0T5GCSM0uEZ7+fFxky8LalFoA FNUZ/8dIhWE3tzUfrJkkbgoOUBp4xo99l9SDTfe1T5VRaFTg0cPusZJVX9uqSAO1 ifA8dS2Dfsoqle2cUY1WkiTEMQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDgBvF14 xl0+2bVPx1tkNEXGk7kvMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMjNFRjJERjYz NTFGMTFGMDk3QzNERDY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E ITAfMAwEAgABMAYDBAFnJuwwDwQCAAIwCQMHACQAwOAAADANBgkqhkiG9w0BAQsF AAOCAQEAJeee67nE3XARII75kjFbxMxbo+Fyd6oUapS918ZIiteA5G3di7TxCQM4 Gwo2GS2NPL0KVHhuY1yU6FsaGR+FUbESet037BKhN8p9REF/INyzWn4T5dD+n1Uk gOXGA1F4JoGu13VeyObbGJZ2rdgwAv7pczZW0UuJjL9p4TIMZ093z4+JuTG3Do3Q drIPF2apMVD6P+K6JTNFkZvigrPTJ9vLJ9VteHthFDZ3nlFd4S/m1paGB5Rxxvzm 0pw5gBzECZPyEEYZ8O6WfnDRv0zGFk2E+7+tJego1xnSB8rnckUY1ZGjhpF/CnQG GPFsQreqFQ8IzjvoyNMxn7MED/RQpA== -----END CERTIFICATE-----Generated at Tue Jun 3 23:50:56 2025 by rpki-client